Jul 11, 2022
The safest and most cost-effective way to make data disappear without having to destroy a hard disk drive (HDD) or solid-state drive (SSD) is to simply overwrite it with random information. The question is, how many overwriting passes are sufficient? Or, how many times do you write ones, zeroes, or other random data to a disk drive before it is completely wiped? It may be fewer than you might think.
How Many Passes Are Required to Wipe Hard Disk Drives Completely
Occasionally, customers ask which data erasure standard they should follow as best practice, or what the optimal number of erasure rounds is to securely erase a hard disk drive (HDD). This is a complex question, and the answer depends on several factors, particularly technology changes, research findings and recommended procedures. Several of these points will be covered in this post.
First, let’s take a look at the target of all these concerns: the hard disk drive—also referred to as a “hard drive” or “hard disk”—and what it means to overwrite one.
Why should we wipe disks multiple times?
There are various ways of destroying the data on a disk. Even simple wipes differ; some disk utilities give these options:
When you delete a file, some file systems do not actually remove the file from the disk (electrically); they just remove the entry from the file table and leave the underlying bytes on the disk. This is why un-delete utilities can recover lost data. The same holds if you wipe a partition or do a quick format of a drive: the data is still there even though you asked to delete it, and only the higher-level links that point to where the data sits on the disk are removed. This is partly to save time and partly to spare the hard drive's mechanical parts. Performing a normal format (vs. quick) has a similar effect to writing all 0's to the drive.
Most hard drives have multiple layers of magnetic material to write to. When you overwrite an area of the disk with new data, some of the old underlying data may therefore still be present (magnetically). Even though it has been removed from the file table entries and new bytes have been written to that area, there are still some (expensive) methods of recovering some data (not all data, and not necessarily reliably, but enough of a chance for people to try).
To counter this paramagnetic effect, wiping utilities will overwrite the entire disk with 1's or 0's (to flip all bits on/off) and then possibly random data to ensure any underlying data is fully overwritten.
Early 1990s: U.S. Department of Defense Specifies the 3-Pass Method
As early as the mid-1990s, operating manuals were released for classified information handling and data sanitization, the main one being the U.S. Department of Defense (DoD) National Industrial Security Program Operating Manual. This document specified that rigid magnetic disks should be sanitized by writing a “character, its complement, and then a random character” (i.e., three overwriting passes); this is known as the “DoD 5220.22-M” standard.
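The three-pass scheme described above (a character, its complement, then random data), written out as an added Python example; it is not code from the DoD manual or from DiskDeleter. The fill character 0x55, the read-back check after the two fixed passes, and the temp file standing in for a raw disk device are assumptions of this example.

```python
import os
import secrets
import tempfile

CHUNK = 1 << 20  # 1 MiB per write keeps memory use flat on large targets


def write_pass(f, size, make_chunk):
    """Overwrite the whole target once and force it to stable storage."""
    f.seek(0)
    for offset in range(0, size, CHUNK):
        f.write(make_chunk(min(CHUNK, size - offset)))
    f.flush()
    os.fsync(f.fileno())


def holds_only(f, size, byte):
    """Read the target back and confirm every byte equals `byte`."""
    f.seek(0)
    for offset in range(0, size, CHUNK):
        n = min(CHUNK, size - offset)
        if f.read(n).count(byte) != n:
            return False
    return True


def three_pass_wipe(path, character=0x55):
    """Character, complement, random; True if both fixed passes read back."""
    with open(path, "r+b") as f:
        size = f.seek(0, os.SEEK_END)
        verified = True
        for value in (character, character ^ 0xFF):
            write_pass(f, size, lambda n, v=value: bytes([v]) * n)
            verified = holds_only(f, size, value) and verified
        write_pass(f, size, secrets.token_bytes)  # final pass: CSPRNG output
        return verified


def demo():
    """Constructed input: a temp file stands in for the raw disk device."""
    marker = b"CONSTRUCTED-SECRET"
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(marker * 200_000)
    try:
        verified = three_pass_wipe(tmp.name)
        with open(tmp.name, "rb") as f:
            return verified, marker in f.read()
    finally:
        os.unlink(tmp.name)
```

On a file inside a journaling or copy-on-write file system the old blocks may not be the ones overwritten, which is why wiping tools target the whole device rather than individual files.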
In 1996, Peter Gutmann published a paper that upset the status quo by affirming that some laboratories were theoretically capable of retrieving data from overwritten hard disks by using sophisticated tools such as magnetic force microscopes. As a result, he proposed an overwriting method consisting of 35 passes.
Can data be overwritten on an SSD?
Because of the nature of NAND flash memory, SSDs cannot directly overwrite data. Repeatedly overwriting a file before deleting it will not securely erase it on an SSD—the data would just be written elsewhere on the NAND.
Secure Erase Your SSD Using a Manufacturer Tool like DiskDeleter
Before we delve into safe methods for SSDs, let’s briefly review the types of SSD available on the market.
There are four main types of SSD:
SLC (Single Level Cell) - This is the best and most expensive type of SSD because it uses a whole cell to store a single bit. A cell is the place where data is stored as 0s and 1s.
On average, an SLC SSD can be overwritten about 50,000 to 100,000 times if you overwrite an average of 14 GB on the SSD per day.
MLC (Multi Level Cell) - This is the second-best type of SSD. It can store 2 bits in the same cell, so it is cheaper than SLC because fewer cells are required to hold the same amount of data.
On average, an MLC SSD can be written about 10,000 to 35,000 times (on 3D NAND) when an average of 14 GB is overwritten on the SSD per day.
TLC (Triple Level Cell) - This type is cheaper than MLC and can store 3 bits in the same cell. It has lower performance than MLC and SLC, but this reduces the price of TLC SSDs drastically.
TLC supports 300 to 1,000 write cycles, so these drives are not fit for storage purposes.
QLC (Quad Level Cell) - This is a newer kind of SSD that can store 4 bits in the same cell. It has very low performance in comparison to the three above. QLC drives are just above HDDs (hard disk drives) in performance and can even perform worse than them if the load on the SSD is increased too much.
In the end, it is not how often you overwrite that matters, but how much data you overwrite.
How to Securely Erase an SSD
Wiping SSDs is challenging, but thankfully it is still possible to securely wipe your SSD without damaging the drive. The difference is that instead of securely wiping all data from the drive, an SSD "resets" to a clean memory state (not factory state, which would imply there is no drive wear!).
As part of the standardization of SSD specs, most SSDs implement the [Secure Erase] command or the [Enhanced Secure Erase] command, which is effective in erasing data alongside the drive's wear leveling implementation.
There are some common standard data wipe methods, such as overwriting the data mapping table so that data cannot be read even if fragments of data remain on the SSD. Some [Enhanced Secure Erase] implementations wipe all the memory blocks on the SSD in addition to the data mapping table. But hardware manufacturers often do not disclose their specific implementations.
For more detailed information how DiskDeleter implements this, please refer
The "ATA Secure Erase" command instructs the drive to flush all stored electrons, a process that forces the drive to "forget" all stored data. The command resets all available blocks to the "erase" state (which is also the state the TRIM command uses for file deletion and block recycling purposes).
Importantly, the ATA Secure Erase command does not write anything to the SSD, unlike a traditional secure wipe tool. Instead, the command causes the SSD to apply a voltage spike to all available flash memory blocks in unison. The process resets every available block of space in a single operation, and the SSD is "clean."
Using the ATA Secure Erase command does use a whole program-erase cycle for your SSD. So yes, it does cause a small amount of wear, but it is negligible compared to a traditional secure wipe tool.
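A simplified model of the behaviour described in this section and in the earlier note that SSDs cannot overwrite data in place, added here as an illustration; it is not vendor firmware or DiskDeleter code. The `ToyFTL` class, its page count and the sample data are constructed, and garbage collection and wear leveling are not modelled.

```python
ERASED = None  # state of a flash page after a block erase


class ToyFTL:
    """Hypothetical, simplified flash translation layer (no garbage collection)."""

    def __init__(self, physical_pages):
        self.pages = [ERASED] * physical_pages  # raw NAND contents
        self.mapping = {}                       # logical block -> physical page
        self.next_free = 0

    def write(self, lba, data):
        # NAND cannot be rewritten in place: the new data goes to a fresh page
        # and the old page is merely unmapped, not erased.
        if self.next_free >= len(self.pages):
            raise RuntimeError("no free pages left in this toy model")
        self.pages[self.next_free] = data
        self.mapping[lba] = self.next_free
        self.next_free += 1

    def read(self, lba):
        """What the host sees through the normal block interface."""
        page = self.mapping.get(lba)
        return ERASED if page is None else self.pages[page]

    def raw_pages(self):
        """What reading the flash chips directly would return."""
        return [p for p in self.pages if p is not ERASED]

    def secure_erase(self):
        """Drive-level erase: every page reset, mapping table cleared."""
        self.pages = [ERASED] * len(self.pages)
        self.mapping.clear()
        self.next_free = 0


def overwrite_then_erase(passes=3):
    secret = b"CONSTRUCTED-SECRET"       # constructed sample data
    ssd = ToyFTL(physical_pages=16)
    ssd.write(7, secret)
    for i in range(passes):              # host "overwrites" logical block 7
        ssd.write(7, bytes([i]) * len(secret))
    host_view = ssd.read(7)
    stale_copy_survives = secret in ssd.raw_pages()
    ssd.secure_erase()
    return host_view, stale_copy_survives, ssd.raw_pages()
```

After three host-side overwrites the host reads only the newest pattern, yet the original page is still present in the raw flash until the drive-level erase resets every page.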
When erasing data from disk drives, organizations should rely on professional disk-wipe software like DiskDeleter, as it handles each type of drive appropriately for maximum safety and minimum wear.